CVE-2002-0481

An interaction between Windows Media Player (WMP) and Outlook 2002 allows remote attackers to bypass Outlook security settings and execute Javascript via an IFRAME in an HTML email message that references .WMS (Windows Media Skin) or other WMP media files, whose onload handlers execute the player.LaunchURL() Javascript function.

Published: Aug 12, 2002
Updated: Apr 13, 2023
CVE: CVE-2002-0481
Severity: Medium
Exploit:

CVSS v2:

Severity: Medium
Score: 5.1
AV:N/AC:H/Au:N/C:P/I:P/A:P

No CWE or OWASP classifications available.

Affected Software
References

Software	From	Fixed in
microsoft / outlook	2002	2002.x

http://online.securityfocus.com/archive/1/263429
http://www.iss.net/security_center/static/8604.php
http://www.securityfocus.com/bid/4340

Vulnerability Database

289,599

CVE-2002-0481